AMENDMENTS TO THE CLAIMS

This listing of claims will replace all prior versions, and listings, of claims in the application:

Listing of Claims:

1. (Currently amended) A method for facilitating a key exchange that operates with a pre-shared secret key and that hides identities of parties involved in the key exchange, comprising:

initially establishing a negotiated secret key between a first party and a second party by performing communications between the first party and the second party across a network;

wherein the communications between the first party and the second party do not allow an eavesdropper to determine the negotiated secret key;

encrypting an identifier for the first party using a first key that is a function of a group secret key and the negotiated secret key to form an encrypted identifier;

wherein the group secret key is known to members of a group, including the first party and the second party, but is kept secret from parties outside of the group;

sending the encrypted identifier from the first party across the network to the second party;

allowing the second party to decrypt the encrypted identifier by using the group secret key and the negotiated secret key;

allowing the second party to use the identifier to look up the pre-shared secret key in a table of pre-shared secret keys that was previously established between the first party and the second party; and

using the pre-shared secret key in forming at least one subsequent communication between the first party and the second party.

2. (Canceled).

3. (Previously presented) The method of claim 1, wherein establishing the negotiated secret key involves using the Diffie-Hellman method to establish the negotiated secret key.

4. (Original) The method of claim 1, wherein the second party is a firewall through which the first party seeks to communicate.

5. (Original) The method of claim 4, wherein the first party is a person seeking to communicate through the firewall from one of a number of possible Internet Protocol (IP) addresses.

6. (Original) The method of claim 1, wherein the group secret key is one of a plurality of group secret keys maintained by the group.
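
An added sketch of the flow recited in claims 1, 3 and 6 (not code from the application): Diffie-Hellman yields the negotiated secret, the identifier is encrypted under a key derived from the group secret and that secret, and the second party tries each group key it holds before the pre-shared key lookup. The demo-sized parameters, the HMAC-based stand-in cipher, and every name here are assumptions for illustration.

```python
import hashlib, hmac, secrets

# Demo-only Diffie-Hellman parameters (assumed for this sketch); use a vetted group in practice.
P, G = 2**255 - 19, 2

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    return pow(peer_pub, priv, P).to_bytes(32, "big")

def first_key(group_key, negotiated):
    # The "first key": a function of the group secret key and the negotiated secret key.
    return hmac.new(group_key, b"id-hiding" + negotiated, hashlib.sha256).digest()

def _mac(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real authenticated cipher.
    ks = b"".join(_mac(key, b"enc", nonce + i.to_bytes(4, "big"))
                  for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, ks))

def encrypt_identifier(identifier, group_key, negotiated):
    key, nonce = first_key(group_key, negotiated), secrets.token_bytes(16)
    ct = _xor_stream(key, nonce, identifier)
    return nonce + ct + _mac(key, b"mac", nonce + ct)

def decrypt_identifier(blob, group_keys, negotiated):
    # Try each group key the second party maintains; the tag shows which one fits.
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    for gk in group_keys:
        key = first_key(gk, negotiated)
        if hmac.compare_digest(tag, _mac(key, b"mac", nonce + ct)):
            return _xor_stream(key, nonce, ct)
    return None

def run_exchange():
    group_keys = [secrets.token_bytes(32) for _ in range(2)]   # constructed sample keys
    psk_table = {b"alice": secrets.token_bytes(32)}            # constructed sample table
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    blob = encrypt_identifier(b"alice", group_keys[1], dh_shared(a_priv, b_pub))
    ident = decrypt_identifier(blob, group_keys, dh_shared(b_priv, a_pub))
    outsider = decrypt_identifier(blob, [secrets.token_bytes(32)], dh_shared(b_priv, a_pub))
    proof = _mac(psk_table[ident], b"auth", dh_shared(b_priv, a_pub))  # PSK in a later message
    return ident, outsider, len(proof)
```

A party that completes the Diffie-Hellman step but holds no group key gets `None` back, so the identifier stays hidden from both passive observers and non-members.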

7. (Currently amended) A method for facilitating a key exchange that operates with a pre-shared secret key and that hides identities of parties involved in the key exchange, comprising:

initially establishing a negotiated secret key between a first party and a second party by performing communications between the first party and the second party across a network;

wherein the communications between the first party and the second party do not allow an eavesdropper to determine the negotiated secret key;




EJG E:\Sun Microsystems\SUN-P5012-RSH\Amendment B SUN-P5012-PL.doc 



allowing the first party to encrypt an identifier for the first party using a first key that is a function of a group secret key and the negotiated secret key to form an encrypted identifier;

wherein the group secret key is known to members of a group, including the first party and the second party, but is kept secret from parties outside of the group;

receiving the encrypted identifier at the second party from the first party across the network;

decrypting the encrypted identifier by using the group secret key and the negotiated secret key;

using the identifier to lookup the pre-shared secret key in a table of pre-shared secret keys that was previously established between the first party and the second party; and

using the pre-shared secret key in forming at least one subsequent communication between the first party and the second party.

8. (Canceled)

9. (Previously presented) The method of claim 7, wherein establishing the negotiated secret key involves using the Diffie-Hellman method to establish the negotiated secret key.

10. (Original) The method of claim 7, wherein the second party is a firewall through which the first party seeks to communicate.

11. (Original) The method of claim 10, wherein the first party is a person seeking to communicate through the firewall from one of a number of possible Internet Protocol (IP) addresses.

12. (Original) The method of claim 7, wherein the group secret key is one of a plurality of group secret keys maintained by the group.

13. (Currently amended) A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for facilitating a key exchange that operates with a pre-shared secret key and that hides identities of parties involved in the key exchange, the method comprising:

initially establishing a negotiated secret key between a first party and a second party by performing communications between the first party and the second party across a network;

wherein the communications between the first party and the second party do not allow an eavesdropper to determine the negotiated secret key;

encrypting an identifier for the first party using a first key that is a function of a group secret key and the negotiated secret key to form an encrypted identifier;

wherein the group secret key is known to members of a group, including the first party and the second party, but is kept secret from parties outside of the group;

sending the encrypted identifier from the first party across the network to the second party;

allowing the second party to decrypt the encrypted identifier by using the group secret key and the negotiated secret key;

allowing the second party to use the identifier to look up the pre-shared secret key in a table of pre-shared secret keys that was previously established between the first party and the second party; and

using the pre-shared secret key in forming at least one subsequent communication between the first party and the second party.

14. (Canceled).

15. (Previously presented) The computer-readable storage medium of claim 13, wherein establishing the negotiated secret key involves using the Diffie-Hellman method to establish the negotiated secret key.

16. (Original) The computer-readable storage medium of claim 13, wherein the second party is a firewall through which the first party seeks to communicate.

17. (Original) The computer-readable storage medium of claim 16, wherein the first party is a person seeking to communicate through the firewall from one of a number of possible Internet Protocol (IP) addresses.

18. (Original) The computer-readable storage medium of claim 13, wherein the group secret key is one of a plurality of group secret keys maintained by the group.

19. (Currently amended) A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for facilitating a key exchange that operates with a pre-shared secret key and that hides identities of parties involved in the key exchange, the method comprising:

establishing a negotiated secret key between a first party and a second party by performing communications between the first party and the second party across a network;

wherein the communications between the first party and the second party do not allow an eavesdropper to determine the negotiated secret key;

allowing the first party to encrypt an identifier for the first party using a first key that is a function of a group secret key and the negotiated secret key to form an encrypted identifier;

wherein the group secret key is known to members of a group, including the first party and the second party, but is kept secret from parties outside of the group;

receiving the encrypted identifier at the second party from the first party across the network;

decrypting the encrypted identifier by using the group secret key and the negotiated secret key;

using the identifier to lookup the pre-shared secret key in a table of pre-shared secret keys that was previously established between the first party and the second party; and

using the pre-shared secret key in forming at least one subsequent communication between the first party and the second party.

20. (Currently amended) An apparatus that facilitates a key exchange that operates with a pre-shared secret key and that hides identities of parties involved in the key exchange, the apparatus comprising:

establishing a negotiated secret key between a first party and a second party by performing communications between the first party and the second party across a network;

wherein the communications between the first party and the second party do not allow an eavesdropper to determine the negotiated secret key;

an encryption mechanism that is configured to encrypt an identifier for the first party using a first key that is a function of a group secret key and the negotiated secret key to form an encrypted identifier;

wherein the group secret key is known to members of a group, including the first party and the second party, but is kept secret from parties outside of the group;

a communication mechanism that is configured to send the encrypted identifier from the first party across the network to the second party, so that the second party can decrypt the encrypted identifier by using the group secret key and the negotiated secret key in order to use the identifier to lookup the pre-shared secret key in a table of pre-shared secret keys that was previously established between the first party and the second party; and

wherein the communication mechanism is additionally configured to use the pre-shared secret key to encrypt at least one subsequent communication between the first party and the second party.

21. (Canceled)

22. (Previously presented) The apparatus of claim 20, wherein establishing 
the negotiated secret key involves using the Diffie-Hellman method to establish 
the negotiated secret key. 

23. (Original) The apparatus of claim 20, wherein the second party is a 
firewall through which the first party seeks to communicate. 

24. (Original) The apparatus of claim 23, wherein the first party is a person 
seeking to communicate through the firewall from one of a number of possible 
Internet Protocol (IP) addresses. 

25. (Original) The apparatus of claim 20, wherein the group secret key is 
one of a plurality of group secret keys maintained by the group. 

26. (Currently amended) An apparatus that facilitates a key exchange that operates with a pre-shared secret key and that hides identities of parties involved in the key exchange, the apparatus comprising:

establishing a negotiated secret key between a first party and a second party by performing communications between the first party and the second party across a network;

wherein the communications between the first party and the second party do not allow an eavesdropper to determine the negotiated secret key;

a communication mechanism that is configured to receive an encrypted identifier at the second party from the first party across the network;

wherein the encrypted identifier was produced by encrypting an identifier for the first party using a first key that is a function of a group secret key and the negotiated secret key;

wherein the group secret key is known to members of a group, including the first party and the second party, but is kept secret from parties outside of the group;

a decryption mechanism that is configured to decrypt the encrypted identifier by using the group secret key and the negotiated secret key;

a lookup mechanism that is configured to use the identifier to look up the pre-shared secret key in a table of pre-shared secret keys that was previously established between the first party and the second party; and

wherein the communication mechanism is additionally configured to use the pre-shared secret key in forming at least one subsequent communication between the first party and the second party.